laptop setup

git clone https://github.com/narkaTee/bootstrap-ws.git
cd bootstrap-ws
# you should check what secret settings you want to make
vim inventory/group_vars/laptop.yaml
./setup-laptop.sh

SSH Config

The runbook sets up a ~/.ssh/config.d/ folder where configurations can be dropped

To put a additional-config.conf into that folder edit inventory/group_vars/laptop.yaml

ssh_additional_config:
  - |
    Host my-trusted-host
        User user
        ForwardAgent yes
  - |
    Host another-host
        User anotheruser

yubikey

pam auth with yubikey
- https://github.com/Yubico/pam-u2f

Too enable this make sure inventory/group_vars/laptop.yaml contains:

yubikey_pam_keys:
  - user: <username>
    keylines:
      - "..."
      - "..."

each yubikey must be added with a keyline. The line can be obtained by running: pamu2fcfg -u<username>

dracut

drop to shell kernel param: rd.break=initqueue

dracut is still experimental in debian.

It requires some manual fixes for plymouth and disk decryption to work (see dracut).

The plan is to use it later with systemd-cryptsetup and fido2 unlock. But this has to wait until the dracut setup proved to be reliable.

Ressources:

fido unlock

enroll: sudo systemd-cryptenroll /dev/nvme0n1pX --fido2-device=auto --fido2-with-client-pin=yes crypttab: fido2-device=auto dracut fido:

## Spaces in the quotes are critical.
# install_optional_items+=" /usr/lib/x86_64-linux-gnu/libfido2.so.* "

## Ugly workround because the line above doesn't fetch
## dependencies of libfido2.so
install_items+=" /usr/bin/fido2-token "

# Required detecting the fido2 key
install_items+=" /usr/lib/udev/rules.d/60-fido-id.rules /usr/lib/udev/fido_id "

pen test botstrapping

arch base install

git clone https://github.com/narkatee/workstation
./install-arch.sh
reboot 🚀😎

setup blackarch

arch base install
login as root
cd ansible
./setup.sh blackarch.yml

setup pen test tooling

distro independant

base install (arch or kali)
login as root
cd ansible
./setup.sh tooling.yml

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.config/molecule		.config/molecule
.github		.github
dracut		dracut
inventory		inventory
roles		roles
sandbox		sandbox
templates		templates
.ansible-lint		.ansible-lint
.ansible-lint-ignore		.ansible-lint-ignore
.editorconfig		.editorconfig
.gitignore		.gitignore
.yamllint		.yamllint
Containerfile-sandbox		Containerfile-sandbox
ansible.cfg		ansible.cfg
blackarch.yml		blackarch.yml
install-arch.sh		install-arch.sh
laptop.yaml		laptop.yaml
pen-test-tooling.yml		pen-test-tooling.yml
readme.md		readme.md
requirements.yaml		requirements.yaml
setup-laptop.sh		setup-laptop.sh
setup-pen.sh		setup-pen.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

laptop setup

SSH Config

yubikey

dracut

pen test botstrapping

arch base install

setup blackarch

setup pen test tooling

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors 3

Uh oh!

Languages

narkaTee/bootstrap-ws

Folders and files

Latest commit

History

Repository files navigation

laptop setup

SSH Config

yubikey

dracut

pen test botstrapping

arch base install

setup blackarch

setup pen test tooling

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors 3

Uh oh!

Languages

Packages